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SYSTEM AND METHOD FOR PROVIDING NETWORK 
ACCESS TO RESTRICTED RESOURCES 



FIELD OF THE INVENTION 



The present Invention relates to a system and method for providing network access 
to restricted resources. The following description will explain the invention in terms 
of the Internet or an intranet, but the invention is not so limited in principle and 
can be applied to any suitable network of distributed client and server computers. 

BACKGROUND OF THE INVENTION 

The Internet is well known. It is a network of computers multiply linked together 
using a set of network protocols known as Transmission Control Protocol/Internet' 
Protocol (TCP/IP). According to these protocols, computers connected to the 
Internet are assigned IP addresses, which for convenience are also identified with 
domain names. These domain names are referred to in Uniform Resource Locators 
(URLs) by which files, or pages, are Identified on the worldwide web. A web site is 
typically defined as a set of network addresses on the World Wide Web under a 
single second level domain name. Domain name servers exist to translate requests 
for network access to a URL by an Internet client into the corresponding IP address. 
Access to web pages Is normally carried out through a browser on the client 
machine which enables a user to enter a URL, and when the browser is given the 
submit command the browser should retrieve the corresponding file or page from 
the appropriate server on the Internet. The client computer may be connected to 
the Internet through the server of an Internet access provider, which may include a 
proxy server at which frequently accessed web pages are stored for faster retrieval 
by the client. 

Web pages are written in Hypertext Markup Language (HTML), and transmitted 
across the Internet by means of Hypertext Transfer Protocol (HTTP). Resources on 
a network are often protected by passwords, and resources on the Internet are no 
exception. For example, a web site may simply wish to identify those who access it 
for statistical purposes, or for commercial purposes, or certain sites may simply be 
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private, or certain sites may only be accessible by payment of a fee in which case 
user identification is required for billing purposes. Typically, restricted web 
resources identify users by means of a username and password combination. The 
usemame is generally a name or word known openly, and is used for identifying the 
5 user, while the password is some other word or phrase or combination of symbols 
that need be known only to the server administering the resource and to the user. 
Provided that the password submitted by the user matches the password stored 
against the username by the resource-administering server, access is permitted. 

10 Accordingly, in order to obtain access to a restricted resource, it is first necessary 
for a prospective user to go through an enrolment procedure, in which a convenient 
username is recorded against the necessary details, such as name and address and 
account number, of the user, and then the user enters a secret password which is 
recorded by the resource server against the username. On subsequent visits to the 

15 restricted site, the user then completes an authentication procedure, which on the 
worldwide web typically involves an HTML logon form by means of which at least 
the username and password are submitted to the administering server. Once 
access has been provided in a browser session, further requests for data from the 
restricted resource by the user can be assured by the use of known procedures such 

20 as Basic Authentication or the use of persistent client state objects (cookies). 

There are also restricted resources (resources requiring a username and logon 
procedure) which do not require a pre-arranged password, and those that do not 
require any password at all. Access to these restricted resources is also within the 
25 purview of this Invention. A simple enrolment procedure with an acceptable 
username may be all that is required. 

As Is also well known, modern web browsers include such features as bookmarks, or 
favourites, or hotlists. These can take the form of a file, or hypertext page, with 

30 links to destination URLs that have been deliberately selected and stored by the 
user. By clicking on a name, button or link in this catalogue, using a browser and a 
pointing device such as a mouse, a user can cause the browser to fetch the 
appropriate page from the Internet and display it. If the page is one that requires 
user authentication, because the resource is restricted, the user is required to use 

35 the appropriate access procedure, In the course of which the correct usemame and 
password must typically be provided. For security reasons, it Is advisable to use 



different passwords for different resources, and usernames may well also be 
different. The user therefore has the task of remembering or conveniently 
recording (even though this is a poor security practice) this information, often in 
the browser or elsewhere on the user's Internet client computer. 

SUMMARY OF THE INVENTION 

The present invention provides a logon server on a distributed client/server network 
in order to simplify user logon procedures. 

The logon server is used to implement a web-based service that provides a 
centralised repository for users' favourite destinations which can be stored in a 
library of user-specific and general resource data and displayed to the user as a 
catalogue of selectable resources. Unlike other similar web based services, the 
logon server also provides a mechanism for web based single sign on to sites that 
require entry of a username or password (or any other user specific information). 

In accordance with one embodiment of the invention there is provided a distributed 
client/server computer system comprising a network of servers and clients in which 
user access to restricted resources administered by at least some of said servers is 
controlled by a logon procedure that identifies an authorised user to the respective 
administering server, which system Includes a logon server accessible by a plurality 
of clients, and the logon server is provided with: 

a) a user authentication procedure by means of which a user can log on to the 
logon server from one of said plurality of dients and use said authentication 
procedure to uniquely identify that user to the logon server; 

b) a stored library, specific to a user of the logon server, of network addresses 
of user-selected resources, including restricted resources, and of user data 
to satisfy logon procedures for the user to access the restricted resources- 
and 

c) means for detecting a request from a logged-in user through a given client 
for access to data from a resource, and, in the case of a restricted resource, 
for then carrying our at least one of the following procedures: 

(i) using the stored library of user data to complete a user logon 

procedure for that resource on behalf of the user to log the user on to 
the resource, receiving the requested data from the server 



administering the resource, and forwarding the said data to the client 
by which it was requested; 

(ii) using the stored library of user data to prepare a user logon form for 
that resource on behalf of the user and forwarding the said form to 
the client by which it was requested for the user to submit to that 
resource to log the user on to that resource; 

(iii) using the stored library of user data to partially complete a user 
logon form for that resource on behalf of the user, serving the 
partially complete form to the client, receiving the form from the 
client after the insertion of data by the user, and adding data Inserted 
into the form by the user to the library for recall for future use in 
procedure (i) or (ii). 

The user logon procedure will typically be a user enrolment procedure or, on 
subsequent visits by the user to the resource, a user authentication procedure. 
Likewise the user logon form will typically be a user enrolment form or, on 
subsequent visits by the user to the resource, a user authentication form. 

Preferably, in such a system the logon server authentication procedure includes 
transferring a username from the client to identify the user and transferring a 
verification from the client to verify the user, wherein the verification is an action 
specific to that username. A particularly preferred action is a demonstration of the 
recognition of a specific set of human faces. The security benefits of such a system, 
and methods of implementing it, are described in International Patent Application 
W093/11511, the disclosure of which is incorporated herein by reference. The 
logon server may be provided with means for requesting access to the data from 
the server administering the resource, whereby to determine whether the resource 
is a restricted resource. This may comprise means for searching for an HTML form 
in order to determine whether the resource is a restricted resource. 

The means for carrying out procedures (I), (ii) and (iii) may include a store of user 
logon forms for restricted resources. 

The stored library may Include a user-editable catalogue of resources and the logon 
server means may be provided with means for displaying the catalogue to the user 
for enabling the user to select a resource to log on to. Such a catalogue may be 



specific to the user. Desirably, selection of a resource from the catalogue by the 
user Is interpreted by the logon server as a request for access to data from that 
resource. The catalogue accordingly serves as a bookmark or favourites destination 
file that can be accessed by the user Irrespective of the client that they are using at 
any time. 



In accordance with a further embodiment of the invention there is provided, for use 
with a distributed client/server computer system comprising a network of servers 
and clients in which user access to certain restricted resources administered by at 
least some of said servers is controlled by a logon procedure that identifies an 
authorised user to the respective administering server, a method of logging a user 
on a to user-selected restricted resource from a user-selected one of a plurality of 
clients, comprising: 

a) providing a logon server in the network; 

b) transmitting a user request from said one client to said logon server to log 
the user on to the server; 

c) invoking a user authentication procedure by means of which a user can log 
on to the logon server from one of said plurality of clients and use said 
authentication procedure to uniquely Identify that user to the logon server; 

d) maintaining a stored library, specific to a user of the logon server, of 
network addresses of user-selected resources, Including restricted resources, 
and of user data to satisfy logon procedures for the user to access the 
restricted resources; 

e) detecting a request from a logged-in user through a given client for access 
to data from a resource, and, in the case of a restricted resource, then 
carrying out at least one of the following procedures: 

(I) using the stored library of user data to complete a user logon 

procedure for that resource on behalf of the user to log the user on to 
the resource, receiving the requested data from the server 
administering the resource, and forwarding the said data to the client 
by which it was requested; 

(ii) using the stored library of user data to prepare a user logon form for 
that resource on behalf of the user and forwarding the said form to 
the client by which it was requested for the user to submit to that 
resource to log the user on to that resource; 

(Hi) using the stored library of user data to partially complete a user 
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logon form for that resource on behalf of the user, serving the 
partially complete form to the client, receiving the form from the 
client after the insertion of data by the user, and adding data inserted 
into the form by the user to the library for recall for future use in 
5 procedure (i) or (ii). 

The same steps may be used In a method according to the invention of 
authenticating a client to a server In a distributed client/server computer system 
comprising a network of servers and clients in which user access to certain 
10 restricted resources administered by at least some of said servers is controlled by a 
logon procedure that identifies an authorised user to the respective administering 
server. 

The user data from the library may be used in order to log the user on to a resource 
15 not previously accessed by the user through the logon server if the resource 
requests data that is already held for that user in the library. 

The user may be authenticated in subsequent visits to a restricted resource by the 
logon server serving a completed input (logon) form either direct to the resource or 
20 to the client for the client to submit to the resource. 

The following brief description sets out in outline how a user may make use of the 
invention. It is to be understood that this is merely an overview of a typical system 
according to the invention. 

25 

Firstly, the user logs on to the logon server from any client computer on the 
network, using an authentication procedure previously established for that user. 

When the user adds a new URL to their logon server destinations, the logon server 
30 checks the corresponding web page to see If that page requests information from 
the user. If it does, then the logon server displays the page to the user for them to 
fill in. The logon server captures the details that the user fills In and will replay this 
information to the site when the user returns to that site via the logon server. In 
this manner, the logon server provides the user with a single sign on service to 
35 their favourite web destinations. 



Because all of the user's destination and single sign on information is stored 
centrally on the logon server database, the user gains mobility - they can use their 
destinations, usernames and passwords etc. from any computer with web access. 

Additionally, the logon server lists a number of "top sites" which can be 
automatically transferred to the user's destinations (without the user having to 
enter the URLs). For these sites an automatic enrolment feature is also offered. If 
the user clicks on this option, the site's enrolment form Is displayed, the logon 
server captures the user's enrolment information (name, address, username, 
password and other demographic information is often requested). The logon server 
can use this captured information to automatically 'fill in ' enrolment forms for other 
sites. 

in this manner, the invention accelerates the user's route to enrol and to log on to 
their favourite sites. The more web services the user enrols for via the logon 
server, the more information the logon server gathers and enrolment to other web 
services becomes more automated. 

The aforementioned and other features of the Invention will become more apparent 
from the following more detailed description of preferred embodiments of the 
invention. 

DESCRIPTION OF PREFERRED EMBODIMENTS 

In an exemplary distributed client/server computer network system In accordance 
with the invention, using the Internet, many users can access the Internet in any 
known way using, In particular, convenient client computers to identify themselves 
to a logon server and to authenticate themselves by taking an action that verifies 
their Identity. Currently, such a system involving a demonstration of the 
recognition of a set of human faces is demonstrated at our web site 
http://www.ld-arts mm/ where methods disclosed in W093/115H are 
implemented. 

After logon to the logon server with authentication to uniquely identify the user 
there are a number of ways In which the Invention is used. The user can use a ' 
single sign on procedure to add to their destinations new resources (i.e. web sites) 
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selected entirely by themselves, or they can use an automated enrolment procedure 
to add sites specifically offered by the logon server. In each case, there is an initial 
enrolment phase, followed by simple authentication on subsequent visits to the 
same site. 

Example 1 - Single Sign On 

The term 'single sign on' is used herein to mean a service offered by the logon 
server by which an authorised user of multiple restricted resources listed in the 
user's catalogue only has to make one single sign on in a browser session in order 
to access any of those resources. That sign on is the user's sign on, or logon, to the 
logon server itself. Signing on or logging on to the catalogued resources, including 
username and password submission, is thereafter handled automatically by the 
logon server. 

The following description concerns firstly the initial procedure of adding a new 
resource to the user's catalogue. 

When the user enters, by means of their browser, the network address 
(conveniently, as the URL) of the resource that they wish to add to their catalogue 
of destinations, the logon server reads that page (via its proxy server). Using 
procedures that will be understood by those skilled in the art, the logon server looks 
for an HTML form within that page and, if it finds one, it offers the users a check 
box to enable single sign on for that service. 

If the user chooses to use single sign on, the logon server rewrites the HTML of the 
page that the user has requested to ensure that: 

• All HREFS are removed so that no links can be followed off the page; 

• All Image tags are rewritten to ensure that their URLs are absolute and so 
will be resolved correctly; 

• The form action Is rewritten to submit the request to the logon server so that 
the logon server will receive the input from this form; 

• The original form action Is added to the form as a hidden Input field in order 
that the logon server can record where the form contents should be sent in 
order to achieve single sign on; 



Any input buttons are removed or converted into a single submit button (if 
there is not already an explicit type=submit on the page). This ensures that 
there is only one exit from the form and that it takes the user back to the 
logon server. 



This rewritten page is then served to the user within a frameset that makes it clear 
to the user that the data that they are entering will be submitted to the logon 
server. 



When the user enters the form, the logon server will receive the form data and can 
store it for the user In a library, specific to that user, containing the network 
address of the resource as well as the form data to satisfy the log-on procedures for 
the resource. The library stores a catalogue of those resources that user has 
chosen to include, which can be displayed to the user as the user chooses, in the 
manner of a hotlist. 

When the user returns to their catalogue of destinations within the logon server, the 
logon server serves them a page that contains their destinations' input forms with 
all of the form contents as hidden fields. Clicking on the ■go' button for that 
destination will effect single sign on to the site (as the form action no longer sends 
the data to the logon server but to the URL contained in the original form action). 
In this way, the user only needs to carry out one single manual sign on procedure 
to access the logon server, after which the logon server handles automatically the 
subsequent logons to restricted sites in the user's catalogue. 

Example 2 - Single Sig n On within Fram^ 

An additional complication, which requires the single sign on procedure of Example 
1 to be modified, is when the form to be entered is contained with an HTML 
frameset. To find this form, the logon server needs to recursively search the 
frameset. Once it has found the frame containing a form, the logon server will 
serve the frameset to the user with all frame references and image references 
rewritten to be absolute so that they are sourced from the original site and with all 
HREFs removed. In effect, HREFs are HTML links to other URLs. Within this 
frameset, each frame reference on the route to the frame that contains the form Is 
rewritten by the logon server In order that it will be sourced from the logon server 
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which will have cached these pages under their URLs. The frame containing the 
form will be sourced from the logon server which will rewrite it as described above. 

Consequently, as in the example without frames, the user sees a composite page 
5 that looks almost identical to the log on page of the original site. The only 

differences are that the form data will be sent to the logon server and that there is 
an additional logon server frame to remind the user of this fact. 

When the user clicks on the 'go 1 button in their catalogue next to a destination 
10 which involves a frameset, the logon server will read the top level page and all 

constituent frames which are on the route to the frame containing the form through 
its proxy server. It will rewrite them as described above and serve them to the user 
as above, except that this time HREFs will be made absolute rather than removed. 
This time, however, instead of presenting the frame containing the form rewritten 
15 to send its data to the logon server, the form is rewritten to send the user's log-on 
data to the original form action URL The effect of this is that the logon server has 
filled in the form for the user - all they have to do is press the submit button. 

In an alternative, the action of the user pressing the submit button could be 
20 simulated using Javascript, if this can be handled by the user's browser. 

Example 3 - Automated Enrol 

The logon server will display a list of free (existing, third party) web services for 
25 which automated enrol is enabled. For each service in this list, the logon server will 
provide a brief textual description of what the service offers the logon server user. 
If the user clicks oh the ■enrol' button for a particular service, the logon server will 
fetch the enrolment form page for the third party site via its proxy server. The 
logon server will rewrite the HTML for this page in a similar manner as for single 
30 sign on. The logon server will have a template for this form which will contain a 
mapping between the field name used on the form and the logon server's name for 
this Information. If the logon server has already collected any of this information 
about the user in its library of user data, because the user has already used the 
automated enrol process, then it will fill In the data in the form from its database 
35 for that user according to the template. The page will then be served to the user 



with the form action rewritten (as for single sign on) so that the form data will be 
sent to the logon server Instead of the third party site's server. 



The user fills in any blank fields in the enrolment form and submits the form. The 
logon server receives the form data and, by reference to its template for this form, 
extracts the user's information which is stored in the logon sen/er's library record 
for the user, using the logon server's field naming. The logon server then submits 
the form to the third party site's server In order to effect the enrolment. The logon 
server will receive from that site the result of the enrolment (which may contain an 
additional form). As before, the logon server will rewrite this page as necessary 
and serve it to the user. 

In effect, the logon server is monitoring the user's enrolment process with the third 
party server. When enrolment is complete, this will be recognised by the logon 
server matching a particular response from the third party server or by the user 
clicking on a button on the logon server frame. The logon server then creates a 
new 'destination' for the user with the name of their choice. For many destinations, 
the logon server will know how to fill out the log on form for the site with the user's 
information gathered during the enrolment process by reference to another logon 
server template corresponding to the site's log on page. For some services, 
especially those which allocate a username or password to the user and send it to 
them via email, the logon server may need the user to 'teach' it to log on to that 
service before single sign on can be enabled. If this is the case, then the 
mechanism for single sign on (as described in Examples 1 and 2) will be used to 
collect and store the log-on form data from the user. 

Thus, as described with reference to Examples 1, 2 and 3, and with the minimum of 
interaction, a logon server user can find out about, enrol for and use as many web 
services as they wish without ever needing to remember the usemames or 
passwords for each service. 

Some sites use an HTTP protocol called Basic Authentication to authenticate their 
users. Where Basic Authentication Is used, the user data is not collected using an 
HTML form. Instead, when the user attempts to access a page that requires 
authentication, the web server will serve their browser an error including an HTTP 
header that requests authentication. 
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Modern web browsers respond to the error/header by prompting the user for a 
username and password. Subsequent requests to that server that the browser 
makes to a server-specified realm (all paths under a specified location on the 
server) will be accompanied by a header which provides the username and 
5 password information gathered from the user. Thus the user only needs to enter 
this information once per browser session (or may even store that information in 
their browser) but the browser will submit It to the server for every page requested 
from the specified realm. 

10 The logon server's single sign on mechanism as described above will not work with 
this system. The logon server however can provide a number of features in order 
to facilitate the maintenance of usernames and passwords especially when the user 
may be "mobile": they may be using more than one web browser or more than one 
computer to access web services. 

15 

These features can include: 

• A user "notes" field to accompany each destination. Users can store, In a 
secure and centralized manner, the usernames and passwords required for 
services that use basic authentication. The user would then simply copy the 

20 information from the notes that the logon server displays for a destination 

and paste it into the username and password dialog box that their browser 
displays; 

• The logon server can implement an additional proxy server that would 
modify the requests from the user's browser In order to include the basic 

25 authentication information that could be stored by the logon server. This 

effectively means that the logon server Implements the user's browser's part 
of the basic authentication system on the user's behalf; 

• The logon server can provide an optional downloadable component which, 
when installed, reads basic authentication information belonging to the user 

30 from the logon server. This component, now running on the user's client 

computer, inserts this information Into the user's browser's password 
management system in order to fool the browser into using this information 
instead of prompting the user to enter it. 

35 The logon server also provides a range of administration functions that allow the 
user to manage their logon server destinations. Users can delete, rename or edit 
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the destinations in their personal catalogues of destinations. When deleting or 
editing their destinations, the logon server will display the log-on form contents 
that the user originally entered. This allows the user to be reminded of their 
usemames and passwords should they wish to enter them manually or should they 
need to Ve-teach' the logon server how to log on to a service that may have 
changed its log-on form. 
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CLAIMS 

1 A distributed client/server computer system comprising a network of servers 
and clients in which user access to restricted resources administered by at least 
some of said servers is controlled by a logon procedure that identifies an authorised 
user to the respective administering server, which system includes a logon server 
accessible by a plurality of clients, and the logon server is provided with: 

a) a user authentication procedure by means of which a user can log on to the 
logon server from one of said plurality of clients and use said authentication 
procedure to uniquely identify that user to the logon server; 

b) a stored library, specific to a user of the logon server, of network addresses 
of user-selected resources, including restricted resources, and of user data 
to satisfy logon procedures for the user to access the restricted resources; 
and 

c) means for detecting a request from a logged-in user through a given client 
for access to data from a resource, and, in the case of a restricted resource, 
for then carrying our at least one of the following procedures: 

(i) using the stored library of user data to complete a user logon 

procedure for that resource on behalf of the user to log the user on to 
the resource, receiving the requested data from the server 
administering the resource, and forwarding the said data to the client 
by which it was requested; 

(i») using the stored library of user data to prepare a user logon form for 
that resource on behalf of the user and forwarding the said form to 
the client by which it was requested for the user to submit to that 
resource to log the user on to that resource; 

(iii) using the stored library of user data to partially complete a user 
logon form for that resource on behalf of the user, serving the 
partially complete form to the client, receiving the form from the 
client after the Insertion of data by the user, and adding data inserted 
into the form by the user to the library for recall for future use in 
procedure (i) or (ii). 

2 A system according to claim 1 In which the logon server authentication 
procedure includes transferring a username from the client to identify the user and 
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transferring a verification from the client to verify the user, wherein the verification 
is an action specific to that username. 

3 A system according to claim 2 in which the action is a demonstration of the 
recognition of a specific set of human faces. 

4 A system according to any one of the preceding claims in which the logon 
server is provided with means for requesting access to the data from the server 
administering the resource, whereby to determine whether the resource is a 
restricted resource. 



5 A system according to claim 4 comprising means for searching for an HTML 
form in order to determine whether the resource is a restricted resource. 

6 A system according to any one of the preceding claims in which means for 
carrying out procedures (i), (ii) and (iii) include a store of user logon forms for 
restricted resources. 

7 A system according to any one of the preceding claims in which the user 
logon procedure Is a user enrolment procedure and the user logon form is a user 
enrolment form. 



8 A system according to any one of claims 1 to 6 in which the user logon 
procedure is a user authentication procedure and the user logon form is a usei 
authentication form. 



9 A system according to any one of the preceding claims In which the stored 
library Includes a user-editable catalogue of resources and the logon server means 
is provided with means for displaying the catalogue to the user for enabling the 
user to select a resource to log on to. 

10 A system according to claim 9 in which the catalogue Is specific to the user. 

11 A system according to claim 9 or claim 10 in which selection of a resource 
from the catalogue by the user Is Interpreted by the logon server as a request for 
access to data from that resource. 
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12 A system according to any one of the preceding claims in which the logon 
server includes a proxy server. 

13 A system according to any one of the preceding claims in which the network 
protocols include Transmission Control Protocol/Internet Protocol (TCP/IP). 

14 A system according to claim 13 in which the network addresses of the 
resources are identified by the user by means of Uniform Resource Locators (URLs). 

15 A system according to claim 13 or claim 14 in which the resources include 
Web sites. 

16 A system according to any one of claims 13 to 15 in which data is 
transferred over the network by means of HyperText Transfer Protocol (HTTP). 

17 A system according to any one of the preceding claims in which the network 
is the Internet or an intranet. 

18 For use with a distributed client/server computer system comprising a 
network of servers and clients in which user access to certain restricted resources 
administered by at least some of said servers is controlled by a logon procedure 
that identifies an authorised user to the respective administering server, a method 
of logging a user on to a user-selected restricted resource from a user-selected one 
of a plurality of clients, comprising: 

a) providing a logon server in the network; 

b) transmitting a user request from said one client to said logon server to log 
the user on to the server; 

c) invoking a user authentication procedure by means of which a user can log 
on to the logon server from one of said plurality of clients and use said 
authentication procedure to uniquely Identify that user to the logon server; 

d) maintaining a stored library, specific to a user of the logon server, of 
network addresses of user-selected resources, Including restricted resources, 
and of user data to satisfy logon procedures for the user to access the 
restricted resources; 



e) detecting a request from a logged-in user through a given client for access 
to data from a resource, and, in the case of a restricted resource, then 
carrying out at least one of the following procedures: 
(I) using the stored library of user data to complete a user logon 

procedure for that resource on behalf of the user to log the user on to 
the resource, receiving the requested data from the server 
administering the resource, and forwarding the said data to the client - 
by which it was requested; 

(ii) using the stored library of user data to prepare a user logon form for 
that resource on behalf of the user and forwarding the said form to 
the client by which it was requested for the user to submit to that 
resource to log the user on to that resource; 

(iii) using the stored library of user data to partially complete a user 
logon form for that resource on behalf of the user, serving the 
partially complete form to the client, receiving the form from the 
client after the insertion of data by the user, and adding data inserted 
into the form by the user to the library for recall for future use in 
procedure (i) or (ii). 



19 A method of authenticating a client to a server in a distributed client/server 
computer system comprising a network of servers and clients In which user access 
to certain restricted resources administered by at least some of said servers Is 
controlled by a logon procedure that identifies an authorised user to the respective 
administering server, which comprises: 

a) providing a logon server in the network; 

b) transmitting a user request from said one client to said logon server to log 
the user on to the server; 

c) invoking a user authentication procedure by means of which a user can log 
on to the logon server from one of said plurality of clients and use said 
authentication procedure to uniquely identify that user to the logon server; 

d) maintaining a stored library, specific to a user of the logon server, network 
addresses of user-selected resources, including restricted resources, and of 
user data to satisfy logon procedures for the user to access the restricted 
resources; 
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e) detecting a request from a logged-in user through a given client for access 
to data from a resource, and, in the case of a restricted resource, then 
carrying out at least one of the following procedures: 

(i) using the stored library of user data to complete a user logon 
procedure for that resource on behalf of the user to log the user on to 
the resource, receiving the requested data from the server 
administering the resource, and forwarding the said data to the client 
by which it was requested; 

(ii) using the stored library of user data to prepare a user logon form for 
that resource on behalf of the user and forwarding the said form to 
the client by which it was requested for the user to submit to that 
resource to log the user on to that resource; 

(iii) using the stored library of user data to partially complete a user 
logon form for that resource on behalf of the user, serving the 
partially complete form to the client, receiving the form from the 
client after the insertion of data by the user, and adding data inserted 
into the form by the user to the library for recall for future use in 
procedure (i) or (ii). 

20 A method according to claim 18 or claim 19 in which the user logon 
procedure is a user enrolment procedure and the user logon form is a user 
enrolment form. 

21 A method according to daim 18 or claim 19 in which the user logon 
procedure is a user authentication procedure and the user logon form is a user 
authentication form. 

22 A method according to claim 21 in which the user Is authenticated in 
subsequent visits to a restricted resource by the logon server serving a completed 
input form either direct to the resource or to the client for the client to submit to 
the resource. 

23 A method according to any one of claims 18 to 22 which includes using the 
user data from the library in order to log the user on to a resource not previously 
accessed by the user through the logon server if the resource requests data that Is 
already held for that user in the library. 
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24 A method according to any one of claims 18 to 23 in which the logon server 
rewrites HTML forms prior to submitting them to a client by at least one of: 

a) removing HREFS; 

b) rewriting relative URLs to absolute URLs; 

c) rewriting the form action. 



25 A method according to any one of claims 18 to 24 in which the logon server 
serves forms to the user in a frameset indicating that the form is to be submitted 
by the client to the logon server rather than to the selected resource. 

26 A distributed client/server computer system comprising a network of servers 
and clients in which user access to restricted resources administered by at least 
some of said servers is controlled by a logon procedure that identifies an authorised 
user to the respective administering server, which system includes a logon server 
accessible by a plurality of clients, substantially as herein described. 

27 a method of authenticating a client to a server in a distributed client/server 
computer system comprising a network of servers and clients in which user access 
to certain restricted resources administered by at least some of said servers is 
controlled by a logon procedure that identifies an authorised user to the respective 
administering server, substantially as herein described. 
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